Skip to main content

Online Privacy: Citi Virtual Cards.

I really like Citi's Virtual card concept. With this service, you never have to give out your real credit card number online. Citi provides you with a tool that can generate a virtual credit card number. You use it for any merchant online. The card number is totally random. Cannot be traced back to original card number.

The Tool is of two types. You can download and install it (a flash based *application* - NOT an air app - WHY?) or your can launch in a browser. The install variant is only available for windows (has a specific installer works only on PC). For macs and *nix, You have use the launcher.

NOTE: Donot use Virtual Account Numbers for purchases that require you to show your credit card at time of pick-up (e.g., movie tickets, etc.). I fell in that trap twice. You can talk to the manager, but hey, why the hassle?

Now, Why am I, a developer, taking special interest in promoting this? Apart from the general push for privacy, I want to show how poorly designed is the access to this virtual card system. For some reason, to access the laucher, you have to access your login - first. And the link to launch is another couple of clicks and steps. The lunched app (same flash app as the installable variant), again asks you to login.

  • First of all, the citicards.com home page has a *critical* bug on linux. The page loads with a transparent help overlay flash (has no reason to be there) - preventing you to enter the username password. The only work around is to use firebug to delete that element or write a grease monkey script
  • Having to log into my account: This is crazy. All this only to open the popup.You are shopping online. Just about to check out a hot deal. Boom. You are slowed down to a snail.
  • The page could have been a simple link/button on the dashboard, but they just take you round and round on a roller coaster ride
  • The development could easily transform the flash install type. to an air app. Had it been so, you can even get it in *nix, mac

But the simplest solution of all is to get that link and open it yourself. To demonstrate this, I quickly copied the popup js code from the account page. See how easy it is to launch. click in the image below.

Popular posts from this blog

Appcache manifest file issues/caveats

Application cache (appcache) is a powerful feature in HTML5. However, it does come with baggage. Many (see links below) advocated ferociously against it due to tricky issues it comes with. For someone who is just testing waters, these issues may throw them off grid. Knowing them before hand helps reduce some unpredictable effects.

Being a Vegetarian

I am a Proud Vegetarian. I don't eat Meat or Eggs. People say its hard here in US to be one. I beg to differ. The mere fact that I am hail and healthy these 4 years is a definitive proof. Apart from being bullied and trash talked by The Meat-Eaters, There is really nothing that makes this choice of mine any more than a debatable issue at a lunch or dinner. Other things aside, I am writing this blog having watched a PETA Video. Before you click on the play button, I ask you - If you are a vegetarian : Dont watch it. If you are not : Dare to watch it till the end. If you think going veg is just a fashion, think again . Even if you just want to do it for Fashion . Do it. Go Vegetarian. And Feel better asking the waiter for a Vegetarian Entrée in your next lunch.

classpath*: making your Modular Spring Resources

Spring gives multiple options to load XML resources for building contexts. the reference documentation does explain this feature quite well. However, I am taking my shot at explaining the different practical scenarios ( by order of growing modularisation) For Example, A simplest Spring based web Context Loader can be configured with resources like this <context-param> <param-name>contextConfigLocation</param-name> <param-value>applicationContext.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> You just need to put applicationContext.xml in WEB-INF/ folder of your webapp. However, Typically an application is n-tiered. You can also have multiple files setup and in relative paths. like <param-value> context-files/applicationContext.xml context-files/dao.xml context-files/service.xml </param-value>